Ride Diary: Saturday 10/19

Weather started out cool. Wore my new long sleeved Novara jersey for the first time and needed my full fingered gloves.

Headed west via 26th Avenue and 32nd Avenue. Passed and was passed by many cyclists. Lots of groups out. I rode by a rather large one gathering at a church at 32nd Ave and McIntyre St. As I went by the Coor’s brewery, they went past me in a rather spirited fashion. They looked like they were having fun and ready to climb Lookout Mountain (I’ll do that one of these days).

Got to Vanover park in Golden. The leaves were falling on a couple of trees and presented an excellent photo op.

Autumn Ride

After a brief rest, turned my bike back around and went up Clear Creek. According the RideWithGPS app on my phone, I reached 37.5 MPH on a downhill section of this. If that’s true, I think that’s my record on a bicycle. Fortunately, the trail was completed devoid of other humans at that time.

Once I reached the I-70 underpass along the Clear Creek trail, I took a moment to debate if I wanted to keep heading up it, or head back home on the roads. I took the road option.

Turned down the Youngfield Service Rd and headed back east on 32nd Ave. At some point I ended up on 26th Ave and headed home.

Here’s my ride from the RideWithGPS app.

Bike Lock Strategies: The Ring Lock

Leave your bicycle unattended anywhere, and you’re going to worry about someone walking away with it. It’s important to have a good strategy for locking bicycles.

Many locking strategies often consist of carrying multiple items to lock your bike, such as multiple locks, or supplementing your lock(s) with cables. This is necessary because parts on modern bicycles are made to be easily removed, which is the opposite of what you want if you need to leave your bike unattended.

The ring lock, or frame lock, is not seen very often in the United States. Very common in Europe, the ring lock usually attaches to the seat stays, and immobilizes the bike by placing a metal rod through the wheel’s spokes. My primary commuter bicycle is equipped with one, and it is my favorite lock ever.

Ring Lock & Purple Tektro CantileverWhat’s great about the ring lock, the lock is always with my bicycle. I can put my key in it and immediately immobilize my bicycle. Great for quick trips.

Also, many ring locks like the ABUS Amparo pictured above have cables and chains you can plug into the side. This allows you to secure your bicycle to a stationary object such as a bike rack. Combine it with anti-theft skewers (such as Velo Orange’s) and you have a pretty decent bicycle theft prevention system.

Unfortunately, these are pretty difficult to obtain in the states.

Stop de Kindermoord (Stop the Child Murder)

Most cyclists in America are aware that the Netherlands is a cycling country. So much so, that nationwide, 27% of all trips in the Netherlands are by bicycle. Digest that statistic for a moment. That means, over one quarter of all trips in the Netherlands are by bicycle. So how’d the Dutch arrive there?

A lot of articles on the subject point to a movement in the 1970s calls “Stop de Kindermoord” which literally translates to English as “Stop the Child Murder.” The following is a quote from David Hembrow on a blog post of his:

1973 was also the year that the pressure group “Stop de Kindermoord” (“Stop the Child Murder”) started. The object of this group was to point out the number of deaths caused to children and to campaign to reduce them. They successfully influenced the Dutch government to re-emphasize building of segregated cycle paths, and to make money available to pay for them. This resulted in both a rise in cycling and a reduction in cyclist deaths, reversing the previous trend. It has been a success not only for child cyclists, but for all cyclists, and indeed for the population as a whole.

In my opinion, campaigning for children is the best way to make progress in America. People for Bikes has recently taken this idea and started their own campaign: Build it for Isabella. It’s a simple concept: “Every new bike project should strive to be usable by a 12-year old.”

Here’s Isabella:

When considering current designs of infrastructure in the Denver area, I have a hard time imagining Isabella riding on most of our infrastructure.

For example, can you envision her sharing the road when sharrows are involved?

Denver Sharrows on Sherman St

What about even buffered bike lanes like this?

Champa St Bike Lane

Or is this more like it?

Bannock Cycle Track

The above looks like something Isabella could safely ride on, if she’s heading toward the photo. But what about the bike lane for those riding away from the photo?

I would also like to point out that protected tracks like pictured above are not enough. Protected intersections are also necessary. The Bannock cycle track posted above abruptly ends, leaving Isabella on the sidewalk, mixing with pedestrians and riding through crosswalks. (The sign in the photo below cautioning cyclists to slow has since been removed.) There is no clear indication of where she can safely ride from here.

Bannock Cycle Track Ends

We even have here in Denver, the first of what cycling advocates are calling a protected lane in the form of the 15th Street Bikeway. It has many positive design elements, such as:

  1. A protected buffer from the rest of traffic (done with plastic sticks bollards).
  2. Intersection treatments, like green zebra strips.
  3. Bicycle signals at the end of the track.

Here again though, the design has serious deficiencies that would keep Isabella’s parents from considering it safe for her:

  1. “Mixing zones” where cars need to turn left across the bike lane.

  2. A lack of interconnected routes.
  3. Abrupt ending of the lane where cyclists must merge back in with traffic.

Denver can and should do better. If we ever want to cycling to reach double digits modal share, or to see our children cycling like the Dutch we need to do better. This video is something that I think we can achieve in American cities:

How the U.S.’s Bicycle Infrastructure Fails the Rural Cyclist

Greetings long time readers. Thanks for bearing with me during my hiatus from posting as well as the moving around of things. If you’re still reading this, you’re a dedicated friend. :)

I’d like to take a moment and discuss Cherokee Schill’s fight in Kentucky. The basic gist, she’s been fighting a court battle over whether or not she has the right to ride in the middle of a lane on a busy highway running between two towns in Kentucky. I’m not familiar with the highway or traffic conditions at all, so I’m not going to express an opinion except for this, she should have never have been placed in a position to have to make that choice.

The U.S.’s bicycle infrastructure has failed Cherokee Schill and has failed every other cyclist who has been forced to make the choice of taking the lane on a busy highway and possibly incurring the wrath of local law enforcement (even if the law allows you to take the lane) or riding in a shoulder poorly designed for cyclists. Either option is also not seen as safe by the general public, nor is either option pleasant for cyclists who chose to brave these highways.

We can do better. Infrastructure for cyclists, where it exists in the U.S., is piss poor. This is doubly so for rural highways where motorized traffic speeds are much higher.

Take a look at this video:

This is great cycling infrastructure from the Dutch. They’ve got this figured out.

Compare that to conditions that Cherokee Schill encounters on her commute:

Yes, Cherokee had a shoulder. It’s difficult to tell, but there is a rumble strip on that shoulder that is no fun for cyclists to cross. It also difficult to see if and what kind of debris exists on the shoulder. That’s not a road that the large majority of people in the U.S. would ride their bicycle on, much less on a daily basis for their commute. Kudos to Cherokee for braving that road.

Bicycling will never become mainstream for transportation in the U.S. until we step up our game and design and provide infrastructure that is on par with that of the Dutch.

A Review of Republic Wireless

I recently made a switch to Republic Wireless, a low-cost MVNO (Mobile Virtual Network Operator) on Sprint’s network. I’ve been with them for a little over a week and wanted to share my experience.

Wi-Fi calling

First, a little background about Republic Wireless. They’re owned by Bandwidth.com, which is a fairly large VoIP services provider. What makes them unique is Republic Wireless will offload your phone calls over a connected Wi-Fi network instead of using the cellular network. If for some reason, your phone detects problems with the Wi-Fi, your phone will handover the call to Sprint’s cellular network. If you’re not within range of any configured Wi-Fi networks, it will place and receive calls through Sprint’s cellular network. Your SMS and MMS messages even get pushed through an available Wi-Fi network.

Continue reading

Getting Modem Statistics to Cacti

I’ve been having problems with a flaky DSL connection from CenturyLink. My modem would frequently ‘retrain,’ that is, disconnect and reconnect the DSL session. This is rather annoying, and since I use VoIP for most phone calls when I’m at home, very irritating.

I wanted a method to log the modem’s statistics and see if I could find any correlation with the drops. One of the unfortunate realities with consumer level equipment is the lack of standard monitoring capabilities. Most enterprise level equipment support SNMP, which allows various software programs to request information.

Continue reading

Guesstimating Quality of VoIP pt. 2: VoIP Spear

In part 1 of this series, I went over the basics of using Pingtest.net to guesstimate how well your Internet connection can handle VoIP calls. Pingtest.net is a great for one time measurements of important metrics such as latency, packet loss and jitter.


In this post, I’ll talk about VoIP Spear. VoIP Spear is a service that will allow continuous monitoring of your Internet connection. The site works by sending ICMP echo requests to your public IP address.

Continue reading

Guesstimating Quality of VoIP pt. 1: Pingtest.net

Utility LinesLand-based telephony is quickly going the way of the Dodo. More and more people are either completely getting rid of their telephone line entirely (and relying on cell phones) or they’re switching to lower-cost VoIP services such as Ooma or Vonage. Switching to a VoIP service sounds like a great deal, however, what is not always apparent is the quality of your Internet connection can greatly affect the quality of calls.

If you’re considering switching to VoIP, you’d be wise to make sure your Internet connection is going to provide you with acceptable quality.

There are a couple things you can do to estimate the quality of VoIP calls. This post will discuss Ookla’s Pingtest.net. I’ll write another post that will discuss a service for continuous monitoring of your connection.

Continue reading

Patching Lync Server 2013 Frontends

We finally implemented a complete HA solution at work for Lync Server 2013. This includes three frontend servers. This allows us to perform maintenance on the frontends with very little end user impact. When applying Windows Updates to Lync Server 2013, you should always follow Microsoft’s advice at this article. Having said that, here are a couple powershell commands you can use to make stopping the services on the frontends easier.

Perform the following steps after issuing the command Get-CsPoolUpgradeReadinessState and following Microsoft’s recommendations.

  1. The first command allows you to set all services into a manual startup state. This is necessary in case a server needs to be rebooted multiple times to apply updates.
    Get-CsWindowsService | Set-Service -StartupType Manual
  2. Next, stop all the services gracefully. This allows steady draining of connections.
    Stop-CsWindowsService Graceful
  3. Apply all the updates you need and reboot as necessary. If you have a three frontend setup, you can keep one frontend down for as long as necessary, provided neither of the other two fail.*
  4. Once all updates are applied, start the services.
  5. Now, we can set the services back to delayed automatic startup.
    Get-CsWindowsService | %{"sc.exe config " + $_.Name + " start= delayed-auto" | Invoke-Expression}
    Note that the above command is a bit more complex than the counterpart that sets all services into manual mode. This is because the Set-Service cmdlet doesn’t have functionality for delayed automatic startup.

I hope that helps. I found it was going to be tedious opening the services MMC and setting each service to manual individually and reversing that.

* In Microsoft’s Lync Server supported topologies article, it is noted that in a three server farm, if the number of frontends drops below two, the remaining frontend goes into survivability mode and stops Lync services after five minutes. Keep that in mind when planning maintenance.

F5 Big-IP LTM Active Directory Authentication

This is something that took me much longer than it probably should have.

We have a couple new F5 Big-IP LTM load balancers that we’re in the middle of setting it up. We wanted to have Active Directory authentication.

First we need specify how to connect to our Active Directory:

  1. Log into the web console with the admin account
  2. Navigate to System -> Users -> Authentication
  3. Leave Authentication at Basic and click the Change… button.
  4. Set User Directory to Remote – Active Directory
  5. Set Host to your domain name. If you need a specific domain controller, enter that instead.
  6. Set Remote Directory Tree to the distinguished name of the container in which your user accounts reside. F5 recommends this be as specific as possible. This should be something like: ou=AdminAccounts,dc=contoso,dc=com.
  7. Next, you can either specify a specific account to bind to LDAP with, or use the user’s credentials. We used the user’s credentials. To do that, you can set the User Template attribute and do not enter anything in Bind. Our User Template looks something like: %s@contoso.com. The %s indicates what the user types into the logon screen.
  8. Leave the rest as defaults.
  9. Click Finished.

You probably have something that looks like this:

CLB1 Active Directory

We now need to specify which groups have what access.

  1. Click the Remote Role Groups tab.
  2. Click the Create… button.
  3. Enter a Group Name.
  4. Enter a Line Order. The LTM will process groups in order of their Line Order number. F5 recommends your first group starts at 1000, so you have room before and after.
  5. For Attribute String, enter an LDAP attribute to match off of. Most people will use an Active Directory group containing the administrative accounts. This is done with the Attribute String like: memberOf=cn=LTMAdmins,ou=AdminGroups,dc=contoso,dc=com.
  6. Set Remote Access to Enabled in order to allow the group remote access. (Probably want this enabled)
  7. Set Assigned Role to the role these users should reside in.  Administratorgives full access.
  8. We set Partition Access to All. Set this appropriately.
  9. Terminal Access specifies the terminal which the users have access. tmsh is the default.
  10. Click Finished.

You should now have something like this:

CLB1 Remote Groups

That should get you basic Active Directory authentication working with a group of Administrators.